Support the bandit check by GitHub Action #2358
Merged
xumia
changed the title
Support the bandit check in GitHub Action
Support the bandit check by GitHub Action
Sep 8, 2022
qiluo-msft
approved these changes
Sep 8, 2022
dgsudharsan
added a commit
to dgsudharsan/sonic-buildimage
that referenced
this pull request
Sep 14, 2022
Update sonic-utilities submodule pointer to include the following:
* 4d377a6 [subinterface]Added additional checks in portchannel and subinterface commands ([sonic-net#2345](sonic-net/sonic-utilities#2345))
* bbcdf2e disk_check: Publish event for RO state ([sonic-net#2320](sonic-net/sonic-utilities#2320))
* 3fd537b Support the bandit check by GitHub Action ([sonic-net#2358](sonic-net/sonic-utilities#2358))
* 491d3d3 [generate dump]Added error message when saisdkdump fails ([sonic-net#2356](sonic-net/sonic-utilities#2356))
* 6830e01 [counterpoll]Fixing counterpoll show for tunnel and acl stats ([sonic-net#2355](sonic-net/sonic-utilities#2355))
* 3be2ad7 [fast-reboot]Avoid stopping masked services during fast-reboot ([sonic-net#2335](sonic-net/sonic-utilities#2335))
* 0e1b0cf [GCU] Fix missing backend in dry run ([sonic-net#2347](sonic-net/sonic-utilities#2347))
* 676c31b Add verification for override ([sonic-net#2305](sonic-net/sonic-utilities#2305))
* 48997c2 Add Password Hardening CLI support ([sonic-net#2338](sonic-net/sonic-utilities#2338))
* 414e239 update unit tests for swap ([#locato](https://github.com/Azure/sonic-utilities/pull/locato))
* a91a492 consider swap checking memory in ([#stalle](https://github.com/Azure/sonic-utilities/pull/stalle))
* f0ce586 [route_check]: Ignore standalone tunnel routes ([sonic-net#2325](sonic-net/sonic-utilities#2325))

Signed-off-by: dgsudharsan <sudharsand@nvidia.com>
dprital
added a commit
to dprital/sonic-buildimage
that referenced
this pull request
Sep 21, 2022
Update sonic-utilities submodule pointer to include the following:
* 0a7557b [minigraph] add option to specify golden path in load_minigraph ([sonic-net#2350](sonic-net/sonic-utilities#2350))
* 322aefc [GCU]Remove GCU unique lane check for duplicate lanes platforms ([sonic-net#2343](sonic-net/sonic-utilities#2343))
* 7099fff [fastboot] fastboot enhancement: Use warm-boot infrastructure for fast-boot ([sonic-net#2286](sonic-net/sonic-utilities#2286))
* 09026ed [warm-reboot] fix warm-reboot when /tmp/cache is missing ([sonic-net#2367](sonic-net/sonic-utilities#2367))
* a3c404c Fix typo in platform_sfputil_helper.is_rj45_port ([sonic-net#2374](sonic-net/sonic-utilities#2374))
* 637d834 Vnet_route_check Vxlan tunnel route update. ([sonic-net#2281](sonic-net/sonic-utilities#2281))
* 29a3e51 Added support for tunnel route status in show vnet routes all. ([sonic-net#2341](sonic-net/sonic-utilities#2341))
* 1ac584b Use 'default' VRF when VRF name is not provided ([sonic-net#2368](sonic-net/sonic-utilities#2368))
* 4d377a6 [subinterface]Added additional checks in portchannel and subinterface commands ([sonic-net#2345](sonic-net/sonic-utilities#2345))
* bbcdf2e disk_check: Publish event for RO state ([sonic-net#2320](sonic-net/sonic-utilities#2320))
* 3fd537b Support the bandit check by GitHub Action ([sonic-net#2358](sonic-net/sonic-utilities#2358))
* 491d3d3 [generate dump]Added error message when saisdkdump fails ([sonic-net#2356](sonic-net/sonic-utilities#2356))
* 6830e01 [counterpoll]Fixing counterpoll show for tunnel and acl stats ([sonic-net#2355](sonic-net/sonic-utilities#2355))
* 3be2ad7 [fast-reboot]Avoid stopping masked services during fast-reboot ([sonic-net#2335](sonic-net/sonic-utilities#2335))
* 0e1b0cf [GCU] Fix missing backend in dry run ([sonic-net#2347](sonic-net/sonic-utilities#2347))
* 676c31b Add verification for override ([sonic-net#2305](sonic-net/sonic-utilities#2305))
* 48997c2 Add Password Hardening CLI support ([sonic-net#2338](sonic-net/sonic-utilities#2338))
* 414e239 update unit tests for swap ([#locato](https://github.com/sonic-net/sonic-utilities/pull/locato))
* a91a492 consider swap checking memory in ([#stalle](https://github.com/sonic-net/sonic-utilities/pull/stalle))
* f0ce586 [route_check]: Ignore standalone tunnel routes ([sonic-net#2325](sonic-net/sonic-utilities#2325))

Signed-off-by: dprital <drorp@nvidia.com>
EdenGri
pushed a commit
to EdenGri/sonic-utilities
that referenced
this pull request
Oct 12, 2022
What I did: Support the bandit check by GitHub Action to find out the potential security issues in the Python code.
How I did it: Add the bandit check action in GitHub workflow
mdanish-kh
pushed a commit
to hamnarauf/sonic-utilities
that referenced
this pull request
Oct 22, 2022
What I did: Support the bandit check by GitHub Action to find out the potential security issues in the Python code.
How I did it: Add the bandit check action in GitHub workflow
qiluo-msft
added a commit
to qiluo-msft/sonic-utilities
that referenced
this pull request
Nov 19, 2022
This reverts commit 3fd537b.
qiluo-msft
added a commit
that referenced
this pull request
Nov 21, 2022
preetham-singh
pushed a commit
to preetham-singh/sonic-utilities
that referenced
this pull request
Nov 21, 2022
What I did: Support the bandit check by GitHub Action to find out the potential security issues in the Python code.
How I did it: Add the bandit check action in GitHub workflow
mdanish-kh
pushed a commit
to mdanish-kh/sonic-utilities
that referenced
this pull request
Nov 23, 2022
…onic-net#2509) This reverts commit 3fd537b. We replaced bandit check with semgrep check.
StormLiangMS
pushed a commit
to StormLiangMS/sonic-utilities
that referenced
this pull request
Dec 11, 2022
…onic-net#2509) This reverts commit 3fd537b. We replaced bandit check with semgrep check.
StormLiangMS
pushed a commit
that referenced
this pull request
Dec 11, 2022
What I did
Support the bandit check by GitHub Action to find out the potential security issues in the Python code.
How I did it
Add the bandit check action in GitHub workflow
How to verify it
See the bandit test result: https://github.com/xumia/sonic-utilities/runs/8239964014?check_suite_focus=true
in the test PR: xumia#1
Previous command output (if the output of a command-line utility has changed)
New command output (if the output of a command-line utility has changed)